summaryrefslogtreecommitdiff
path: root/external
AgeCommit message (Collapse)AuthorFilesLines
2019-08-30NSS fix lcc support patchJan-Marek Glogowski2-0/+12
This hangs the build process with current MSVC cl.exe. It even hangs when just calling "cl -? >/dev/null". Probably a cl.exe bug to detect redirection properly? This adds stdin redirection to /dev/null, like in configure.ac checks. Reviewed-on: https://gerrit.libreoffice.org/75495 Reviewed-by: Jan-Marek Glogowski <glogow@fbihome.de> Reviewed-by: Tor Lillqvist <tml@collabora.com> Tested-by: Tor Lillqvist <tml@collabora.com> (cherry picked from commit b11ea5e9c37b19f0d60a4075146668954a7bf728) Change-Id: Ie03c3103ac68cd131dc280755621a8ce0417314f Reviewed-on: https://gerrit.libreoffice.org/75514 Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de> Tested-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
2019-08-30nss: upgrade to release 3.45Michael Stahl5-548/+7
Fixes CVE-2019-11729 CVE-2019-11719 CVE-2019-11727, and the less important CVE-2018-12384 and CVE-2018-12404 from intermediate releases. Since NSS 3.44 it's possible to build as static libraries and for iOS; drop the nss-chromium-nss-static.patch and nss-more-static.patch and hope that it works. Drop one hunk from nss.patch that looks fixed upstream. Change-Id: I7f37ac36f7f8dfd49d0bfb4a6185ca49d4f618a3 Reviewed-on: https://gerrit.libreoffice.org/75344 Tested-by: Jenkins Reviewed-by: Michael Stahl <Michael.Stahl@cib.de> (cherry picked from commit 6efc8a33f69bc7f4be45b7b81f67cd74c163b99e) Reviewed-on: https://gerrit.libreoffice.org/75411 Tested-by: Michael Stahl <Michael.Stahl@cib.de>
2019-08-30Install UCRT from MSUs, not using nested VC Redist installMike Kaganski2-0/+30
Using nested install is bad because (1) MS advises against it (though it most possibly doesn't relate to our specific case, when we install the vc redist exe package in UI part, so actually only a single MSI session is active at any time); (2) because it adds some extra interactions (user sees something "unrelated" being installed, which raises concerns; additional admin authentication required); and (3) because it runs in InstallUISequence, thus only installing the UCRT when doing interactive installation (unattended installs, including GPO, need to install UCRT separately). This patch aims to incorporate the original UCRT MSU (Windows Update) packages (https://support.microsoft.com/en-us/help/2999226) available as a zip archive from https://www.microsoft.com/en-us/download/details.aspx?id=48234 - the same as used in VC redists for VS 2015 and 2017. This obsoletes the separate installation of the redist; since we also have the redist as merge module in our MSI, that is enough (and removes redundancy). The MSUs are installed using wusa.exe in a custom action (deferred, non-impersonating). As a small bonus, embedding MSUs instead of redist EXE allows us to shrink the size of installer a little (~10 MB). As deferred custom actions cannot access current installer database, we workaround this by using initial immediate impersonating action to extract the binaries into a temporary location. To ensure that the file gets removed upon completion (both successful and failed), we use an additional cleanup action. Commit 61b1d631331551b43bc7d619be33bfbfeff7cad6 is effectively reverted. Change-Id: I1529356fdcc67ff24b232c01ddf8bb3a31bb00bd Reviewed-on: https://gerrit.libreoffice.org/52923 Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Mike Kaganski <mike.kaganski@collabora.com>
2019-08-30libxslt: add patch for CVE-2019-11068Michael Stahl2-0/+121
Change-Id: I3fe30de8140dce3d81cdfae7d41e0bd465b1d5f4 Reviewed-on: https://gerrit.libreoffice.org/70879 Tested-by: Jenkins Reviewed-by: Michael Stahl <Michael.Stahl@cib.de> (cherry picked from commit 2d85b75b1220484aebd6e583d6d7aee71280e38e) Reviewed-on: https://gerrit.libreoffice.org/70894 Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de> (cherry picked from commit 32948e7778b959ef1037d9be707a6bfc7db4160d)
2019-08-30openssl: remove MinGW patchMichael Stahl2-124/+0
This breaks the OPENSSL_IMPLEMENT_GLOBAL macro quite badly, which is also used on MSVC builds, and MSVC warns about the breakage. Change-Id: I8f4c7c8097e7d737ca32d6a020a569c0a99b92d4
2019-08-30openssl: try to fix build with 7.1A SDKMichael Stahl1-1/+1
Change-Id: Ic4a9e53227e34fe41a69afd52a9e91ef9545f8f9
2019-08-30python3: upgrade to release 3.5.7Michael Stahl2-0/+63
Fixes CVE-2019-9636 CVE-2019-5010 CVE-2018-14647 Reviewed-on: https://gerrit.libreoffice.org/70182 Tested-by: Jenkins Reviewed-by: Michael Stahl <Michael.Stahl@cib.de> (cherry picked from commit 3c7354a85a9bd47a2676aadaad2f6622fe2d959c) Reviewed-on: https://gerrit.libreoffice.org/70194 Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de> (cherry picked from commit a072b91c03f7e24cc5fe99e4b7462d37ef8d703b) Change-Id: If0a115960aed1ee90b63e6716c844669f0ec91e5
2019-08-30poppler: upgrade to release 0.74.0Michael Stahl3-6/+34
Fixes CVE-2019-7310. Add patch to fix CVE-2019-9200 too. CVE-2018-20662 looks irrelevant because we don't build pdfunite tool. Reviewed-on: https://gerrit.libreoffice.org/69094 Tested-by: Jenkins Reviewed-by: Michael Stahl <Michael.Stahl@cib.de> (cherry picked from commit f9b354784faf65ecc8024cf6d7d7aaf589f6d91f) Change-Id: I5e7ddabbb341f6bfefb376d552b50c4006f41906
2019-08-30upload openssl 1.0.2kDavid Tardon1-1/+1
Reviewed-on: https://gerrit.libreoffice.org/33800 Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: David Tardon <dtardon@redhat.com> (cherry picked from commit a97371bf4d123ece75f3f9aeef8f3d4abfc6ad9c) Change-Id: I26d49db0207b3f4f64aa9698da4cf3567d195834
2019-08-30mDNSResponder: upgrade to release 878.200.35Michael Stahl3-106/+0
Apple can't afford the costly GPG licenses to sign releases apparently, but the sha256 matches some OpenWRT and FreshPorts repos... Fixes CVE-2015-7988. Removing windows build patches, fixed upstream (except for the last hunk of the SOCKET patch, but that is in code that is only used on MacOSX). Reviewed-on: https://gerrit.libreoffice.org/68092 Tested-by: Jenkins Reviewed-by: Michael Stahl <Michael.Stahl@cib.de> (cherry picked from commit 3a85c2db176db708c0ff9401c40858eb60e80f1e) Change-Id: I9fdba5929badb75f995c66da0850d188780e7beb
2019-08-30curl: add patches for CVE-2018-16890 and CVE-2019-3822Michael Stahl3-0/+76
The third one (CVE-2019-3823) isn't relevant because SMTP is disabled. Change-Id: I2383c1a7b0c67c586402d4098092cee565edcdda Reviewed-on: https://gerrit.libreoffice.org/67445 Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de> Tested-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
2019-08-30python3: add patch bpo-17239: Disable external entities in SAX parserMichael Stahl2-0/+60
Change-Id: I44e969d8d3a8fe6b6426d61a1cbe83154c8518dd Reviewed-on: https://gerrit.libreoffice.org/66329 Tested-by: Jenkins Reviewed-by: Michael Stahl <Michael.Stahl@cib.de> (cherry picked from commit a57dd8eba9c0799dd42eb547a37622bce8fdb0b3) Reviewed-on: https://gerrit.libreoffice.org/66370 Reviewed-by: Caolán McNamara <caolanm@redhat.com> Tested-by: Caolán McNamara <caolanm@redhat.com> (cherry picked from commit 66b3860fd1772284dc12d0d2d2c76ac59b16883e)
2019-08-30poppler: upgrade to release 0.73.0Michael Stahl4-11/+49
Change-Id: If20998f8565b5534a96b3f29ccec572273edca1d Reviewed-on: https://gerrit.libreoffice.org/66306 Tested-by: Jenkins Reviewed-by: Michael Stahl <Michael.Stahl@cib.de> (cherry picked from commit 0609ea4fc27f34367716bf41c0cdaa7785aed9da) Reviewed-on: https://gerrit.libreoffice.org/66369 Reviewed-by: Christian Lohmaier <lohmaier+LibreOffice@googlemail.com> (cherry picked from commit 033ff5b3eb90deaf6fd5eb8a74100233aa5fe772)
2019-08-30lcms2: upgrade to release 2.9Michael Stahl3-26/+173
... at least, that's the plan - this is harder than it appears, as the upstream maintainer appears to have released version 2.9 at least 3 times: - Fedora has a file evidently downloaded before Nov. 17 with SHA512 of e30ad5a9a1ab9e7aaace9431434caa19a5ff6143db46644aba971a5ee37a265b26bf738e886d766405a7eb45a9d620d67c7ab3684ace86a107cf5a76642c04a5 - Gentoo has a file evidently downloaded before Nov. 19 with SHA256 of d4ad6f8718f7f9dc8b2a3276c9f237aa3f5eccdcf98b86dedc4262d8a1e7f009 - Debian has a file evidently downloaded before Dec. 17 with SHA256 of 48c6fdf98396fa245ed86e622028caf49b96fa22f3e5734f853f806fbc8e7d20 The lcms2-2.9.tar.gz available from sourceforge currently matches the one Debian has, so let's use it. * 0017-Upgrade-Visual-studio-2017-15.8.patch added (fixing CVE-2018-16435) * 0001-Added-an-extra-check-to-MLU-bounds.patch.1 removed (fixed upstream) Change-Id: Iab8dada8f6d77d5b2da8560993380b3332bc02f6 Reviewed-on: https://gerrit.libreoffice.org/66400 Tested-by: Jenkins Reviewed-by: Michael Stahl <Michael.Stahl@cib.de> (cherry picked from commit 99b20e589e64fbcf374d84ae68911ef2a96e537c) Reviewed-on: https://gerrit.libreoffice.org/66428 Reviewed-by: Caolán McNamara <caolanm@redhat.com> Tested-by: Caolán McNamara <caolanm@redhat.com> (cherry picked from commit 5d6a91c4df0ea51bb32794ff6068fa19bda44307)
2019-08-30lcms2: try to get rid of $(DEVENV) /UpgradeMichael Stahl1-1/+0
It's not clear to me that this is actually required, particularly why it would be required for VS 2015 but not VS 2017, and why only for this external and not the others that use MSBuild.exe. Reportedly this can fail if you have an expired or not yet registered VS, while strangely enough everything else compiles fine in that case, so rather than try to find out how to check for that issue in configure, avoid the problem by removing the /Upgrade. Change-Id: I55566e109e57117f65febb91de7580667c984a54 Reviewed-on: https://gerrit.libreoffice.org/34947 Reviewed-by: David Ostrovsky <david@ostrovsky.org> Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Michael Stahl <mstahl@redhat.com> (cherry picked from commit aa7390652bbc3f80907707bd4aebcf2ea8a413c7)
2019-08-30upload lcms2 2.8David Tardon7-2131/+5
Change-Id: I8a3b138c051d3cddf25855a635262311669bdddc Reviewed-on: https://gerrit.libreoffice.org/33798 Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: David Tardon <dtardon@redhat.com> (cherry picked from commit 0ada594b5c4cd8490efac86029674187356c56c8)
2019-08-30libxml2: fix MSVC buildMichael Stahl1-1/+2
libxml2.rc(1) : fatal error RC1015: cannot open include file 'winver.h'. Change-Id: I6653eaefd1da0440811154a718683951d79fb871
2019-08-30libxml2: upgrade to release 2.9.9Michael Stahl2-14/+2
* fixes CVE-2018-14404 * drop one hunk from libxml2-android.patch that was added in commit 6a17d2f2ba7acfec277314b97b50e41532d6b44d; presumably nan() exists now given that other code is calling it. Change-Id: I696cc4e1da55536ea1c89a6e0446ce5bc8398ba4 Reviewed-on: https://gerrit.libreoffice.org/66308 Tested-by: Jenkins Reviewed-by: Michael Stahl <Michael.Stahl@cib.de> (cherry picked from commit beea5852720b22043aefcd1e6b7243c202b40601) Reviewed-on: https://gerrit.libreoffice.org/66367 Reviewed-by: Caolán McNamara <caolanm@redhat.com> Tested-by: Caolán McNamara <caolanm@redhat.com> (cherry picked from commit 69b5995ed815bea4d21080f64a4232f44131696f)
2019-08-30libxml2: upgrade to release 2.9.8Michael Stahl2-7/+8
Change-Id: Ic6802c16b740f6aee59ae2f74b7edcd37461f1f3 Reviewed-on: https://gerrit.libreoffice.org/50835 Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Michael Stahl <mstahl@redhat.com> (cherry picked from commit f775b5427bf085577feb5badb762156283d76ae5)
2019-08-30upload libxml2 2.9.7David Tardon1-1/+1
Change-Id: I3f72ec938c87e0c0d30a91b32d96fedf5379207f Reviewed-on: https://gerrit.libreoffice.org/44423 Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: David Tardon <dtardon@redhat.com> (cherry picked from commit 3ab270242edc9e2ccbe50b2abecf3fec242113d1)
2019-08-30upload libxml2 2.9.6David Tardon1-1/+1
Change-Id: Iafb9d9e2459451d213cad5d9141755df999d7ced Reviewed-on: https://gerrit.libreoffice.org/43306 Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: David Tardon <dtardon@redhat.com> (cherry picked from commit a0439f5a5b8ee8adaeba0bacbef3bf77a7fd05a0)
2019-08-30libxml2: upgrade to release 2.9.5Michael Stahl9-604/+2
* drop ubsan.patch.0: presumably fixed upstream * drop 0001-* CVE fixes: fixed upstream Change-Id: I3e2a53b5ef82ef8edd85e812fd5dee67ab60db94 Reviewed-on: https://gerrit.libreoffice.org/41951 Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Michael Stahl <mstahl@redhat.com> (cherry picked from commit 2b329599183107735e1a7b6aad516452eb6fa6a6)
2019-08-30curl: fix CVE-2017-1000254 & CVE-2018-14618/1000120Thorsten Behrens4-0/+186
* still don't upgrade to new release, no idea how the new windows build system likes targeting Win XP which is still supported in 5.4 Change-Id: If9c235d2c3e1902f154cae570a9719945112fe33 (cherry picked from commit 8d86210e1d113f5688015ea197d7b04b173899fb)
2019-08-30Drop support for MSVC 2013David Ostrovsky31-3671/+1
Reviewed-on: https://gerrit.libreoffice.org/22588 Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Stephan Bergmann <sbergman@redhat.com> (cherry picked from commit 84b36c704d73362d4d86dc9e9c0efa0625958347) Conflicts: configure.ac download.lst external/python33/ExternalPackage_python3.mk external/python33/ExternalProject_python3.mk external/python33/Module_python33.mk external/python33/UnpackedTarball_python3.mk external/python33/clang-cl.patch.0 Change-Id: Ibf47c9ff7b5fb098e284a58c547b61286264dd80 (cherry picked from commit a5f0e613a5b2017c8e9a9373f3c175529d321bb2)
2019-08-30nss: upgrade to release 3.38Michael Stahl1-0/+10
Fixes CVE-2018-0495 and "the ASN.1 code". (Remove one hunk of nss-android.patch.1 that should be obsolete with the current Android toolchain baseline (but that hunk didn't exist in libreoffice-6-0 or older anyway).) Change-Id: I5516edec17b72f53acd2749e8840805eead077bc Reviewed-on: https://gerrit.libreoffice.org/58697 Tested-by: Jenkins Reviewed-by: Michael Stahl <Michael.Stahl@cib.de> (cherry picked from commit 3ef76067bfa1f9f60ec3989bd6b40a5760137903) Reviewed-on: https://gerrit.libreoffice.org/58722 Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk> (cherry picked from commit e4874f777048535650a2bb1ce875e1a6e3e4b7ef) (cherry picked from commit 88c54effcdfa2fb044add69da3a47d06ef796271)
2019-08-30nss: Upgrade to release 3.31.1 and update patchesGautam Prajapati1-63/+53
This commit updates the NSS to release 3.31.1 and NSPR to 4.15. It also updates the external/nss/nss.patch and external/nss/nss-android.patch to incorporate the NSS source changes. Change-Id: Icdd933b67e717f8d91622cd5f6001e34e261b746 Reviewed-on: https://gerrit.libreoffice.org/41636 Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Michael Stahl <mstahl@redhat.com> (cherry picked from commit c6df07f905cd9562132b06e44f90b0479b250f7a) (cherry picked from commit fc5aafb1478affadce79a82c3504182e65e2525e)
2019-08-30nss: try to remove nss.windowbuild.patch.0Michael Stahl2-56/+0
It's not obvious to me what problem this solves. Maybe the problem no longer exsists in the new upstream release? Change-Id: I16762e0024536afb821eac70c6ba3929d5b8927a Reviewed-on: https://gerrit.libreoffice.org/36798 Reviewed-by: Michael Stahl <mstahl@redhat.com> Tested-by: Michael Stahl <mstahl@redhat.com> (cherry picked from commit 489414f2395b6c8008ebcda7c37a150fd4ed7ad5) (cherry picked from commit e2ec351222a76644f61800363274bb702fedbc36)
2019-08-30Resolves: tdf#112269 libwpd fixCaolán McNamara2-0/+43
Change-Id: I0d8d6887fa360c05d5f9e2a070410c77926b9ce1 Reviewed-on: https://gerrit.libreoffice.org/42056 Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: David Tardon <dtardon@redhat.com> (cherry picked from commit 05da1c67e49a2d758799db735a826c4d292fea44) (cherry picked from commit 9618de6c0b58770d79761ad28386a701daf4f3df)
2019-08-30use correct sizeDavid Tardon2-0/+26
(cherry picked from commit d1ae31a1fc49ec7a68b2a07c5e5e97d95b346ca9) Change-Id: I620ada9b209bb2084eccaa81385beb6306d6a3d0 Reviewed-on: https://gerrit.libreoffice.org/38827 Reviewed-by: Michael Stahl <mstahl@redhat.com> Tested-by: Michael Stahl <mstahl@redhat.com> (cherry picked from commit 54e7b46718bf2f47c7f55a93cfbb23681429ffc6) (cherry picked from commit 2f3482382f4c07b5caf21dc26d34d621efdc66e8)
2019-08-30curl: in 7.52.1, the parameter is documented as --with-libidn2,Michael Stahl1-0/+1
but actually it is --with-libidn (it's consistent in later versions). Change-Id: Ib24767974173e4c737fc10d9420e6dbad3440239 (cherry picked from commit 66a2c1fe2e4fd57987ae62f6274a89fab0fab58a)
2019-08-30curl: disable protocols nobody needs in MSVC buildMichael Stahl2-0/+25
These are disabled via configure on other platforms. Change-Id: I4e27865396f3817ceb5645ab8589c21fdaa5afab (cherry picked from commit 152a1d279cbc81e7b5f076a2c4b20c12c6929ce6) (cherry picked from commit db39b7ec54f3a8875c083b064cc2c7a2a76f9fcf)
2019-08-30curl: disable more unnecessary stuffMichael Stahl1-5/+8
Only HTTP and FTP should be required. Add --without-libpsl --disable-ares --disable-rtsp --disable-smb, and --without-libidn was replaced with --without-libidn2. Change-Id: Icf6afc8bff4cc7ad7a5a95b0c3f9a345a7cf67a3 (cherry picked from commit 9fd26734d3cbbd9b58f4b08058a75063632f57d1) (cherry picked from commit 9d75749f70ab4997b9450c855285fb2a2c89d777)
2019-08-30fix build of bundled python3 with bundled zlibDavid Tardon2-0/+10
Change-Id: I383a04ea926187263b1d7e11c548817fa9ca3fb6 (cherry picked from commit b2c16b3563a4a8e4b54f6fc0cb1be597e7c5b27d) (cherry picked from commit c65e855d381bcc1e048252624009eeba09163e22)
2019-08-30external/python3: Fix building against external/zlibStephan Bergmann2-0/+47
...whose (static) library is called "zlib" instead of just "z". (I ran into this when trying to do a 32-bit Linux build in a 64-bit environment, with only very limited 32-bit support installed in the system.) Reviewed-on: https://gerrit.libreoffice.org/28964 Reviewed-by: Stephan Bergmann <sbergman@redhat.com> Tested-by: Stephan Bergmann <sbergman@redhat.com> (cherry picked from commit 5fb8a050210a7cabf49daac0da8f80b94d60de2c) Conflicts: external/python3/ExternalProject_python3.mk Change-Id: I9286975917ddf643a22803561677af035e66fb98 (cherry picked from commit 4fd6effb6e85398d4143f09897cc6215d75686dc)
2019-08-30poppler: fix incorrect GCC_VERSION checkMichael Stahl1-2/+3
The minor version is encoded into the last 2 digits, the micro version is not avialable. Change-Id: I4eee40511d732ec8cfc8d85943b965bb6e06d66e Reviewed-on: https://gerrit.libreoffice.org/56380 Reviewed-by: Christian Lohmaier <lohmaier+LibreOffice@googlemail.com> Tested-by: Christian Lohmaier <lohmaier+LibreOffice@googlemail.com> Tested-by: Jenkins (cherry picked from commit 16b10d9ac976d40daffee1d15456016f4a89cd2e) Reviewed-on: https://gerrit.libreoffice.org/56388 Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de> Tested-by: Thorsten Behrens <Thorsten.Behrens@CIB.de> (cherry picked from commit 9c3a0c9e5f33d1a53afe76135739896dfa63fc2a)
2019-08-30poppler: try to work around GCC 4.8.2 bugMichael Stahl1-0/+15
As seen on Linux-rpm_deb-x86@71-TDF: poppler/Annot.cc:2491:1: internal compiler error: in connect_traces, at dwarf2cfi.c:2676 The bug report claims that -march=i586 works around the bug. Change-Id: I1d97d2df9049e058d49987424cc8e4818a9fa9c6 (cherry picked from commit 1c7921c43960a4a6717c816d646cf0f65fbaec12) Reviewed-on: https://gerrit.libreoffice.org/56292 Tested-by: Jenkins Reviewed-by: Michael Stahl <Michael.Stahl@cib.de> (cherry picked from commit dce6401f7e1f466c30996ad606699479713209e5) Reviewed-on: https://gerrit.libreoffice.org/56299 Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de> Tested-by: Thorsten Behrens <Thorsten.Behrens@CIB.de> (cherry picked from commit b3450c197e8c5349cbe452ebb9f79f291e8b8383)
2019-08-30poppler: poppler-snprintf.patch.1 needs rebaseMichael Stahl1-1/+1
Presumably it's needed for MSVC 2013. Change-Id: Ibcd3bab373616faa58db4dab0f92f058d1dfafac Reviewed-on: https://gerrit.libreoffice.org/56274 Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de> Tested-by: Thorsten Behrens <Thorsten.Behrens@CIB.de> (cherry picked from commit 15cbef65b217e3ca09a5624ecd82624e4ed93785)
2019-08-30poppler: upgrade to release 0.66.0Michael Stahl10-359/+614
Unfortunately the autotools build system was removed in 0.60.0, and the CMake one is a bit overeager in linking against system libraries that happen to be installed on the build machine, and we currently don't require CMake anyway, so avoid the problems by using a gbuild makefile and a patch to add the generated header files. Remove all current patches: poppler-notests.patch.1: obsolete (autotools build system) poppler-mac-fake.patch.1: presumed obsolete ubsan.patch.0: presumably fixed differently upstream in https://cgit.freedesktop.org/poppler/poppler/commit/?id=f43cb73939f85952d83afc87a6dc638dc1ae311b poppler-libjpeg.patch.1: obsolete (autotools build system; there appears to be no way to do this with CMake?) 0001-Fix-building-with-old-clang.patch.1: merged upstream Change-Id: I271c87ab3ec25cc9d1e8fafb04dae7c004acc350 (cherry picked from commit 5f8426a077ec0986a4b6cf8a58515ad5496f78e0) Reviewed-on: https://gerrit.libreoffice.org/56259 Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de> Tested-by: Thorsten Behrens <Thorsten.Behrens@CIB.de> (cherry picked from commit df46a8beb12639b0cdf6a23d2c1107ffd7f7c86c)
2019-08-30upload poppler 0.59.0David Tardon3-12/+40
Change-Id: I21dfa3aa04bd960cb2fb87a53213ae4bbd510a24 Reviewed-on: https://gerrit.libreoffice.org/42061 Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: David Tardon <dtardon@redhat.com> (cherry picked from commit 1c983335116a6f09cabf0b3eae7f51951111341e) Reviewed-on: https://gerrit.libreoffice.org/56256 Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de> Tested-by: Thorsten Behrens <Thorsten.Behrens@CIB.de> (cherry picked from commit b21a87eebf8b72a70ec7788d883cd75e485a2eca)
2019-08-30upload poppler 0.55.0David Tardon2-2/+2
Change-Id: I19b7d324a2dc50d006b4d255ddb6a5c1f15bc616 Reviewed-on: https://gerrit.libreoffice.org/37998 Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: David Tardon <dtardon@redhat.com> (cherry picked from commit b12e16f8fc186117cbb20cc3866bf052a3d75515) Signed-off-by: David Tardon <dtardon@redhat.com> (cherry picked from commit 51775f495f0399177edbcabb2ad881cdd9f57e0f) Reviewed-on: https://gerrit.libreoffice.org/56255 Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de> Tested-by: Thorsten Behrens <Thorsten.Behrens@CIB.de> (cherry picked from commit 135a80337da4549df6b0a5c14ad38e9edc0680f3)
2019-08-30upload poppler 0.49.0David Tardon3-23/+0
Change-Id: I98508a1a2b57c7b39d5be3bf216271001b6a0427 Reviewed-on: https://gerrit.libreoffice.org/31111 Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: David Tardon <dtardon@redhat.com> (cherry picked from commit 6f1ae11761ddfa2f928254ff51f1860155f670a4) Signed-off-by: David Tardon <dtardon@redhat.com> (cherry picked from commit b1d30ac04e95e72883c759110df6d5e46ce94510) Reviewed-on: https://gerrit.libreoffice.org/56254 Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de> Tested-by: Thorsten Behrens <Thorsten.Behrens@CIB.de> (cherry picked from commit 9c458cb6de652edd48b84b25ccb22dab1b0b4f22)
2019-08-30poppler: remove obsolete ubsan patch hunkMichael Stahl1-37/+0
With eea709f67d91e271e3df37e6c6724b7b5870b1ee "poppler: build against libjpeg" the poppler internal JPEG code is no longer used. Change-Id: I018a53a495ec505af92bb9b1c1a0c42e0a4f35b8 (cherry picked from commit 21ca0db5ec27662a3e047d7547eae9beb87b0b01) Reviewed-on: https://gerrit.libreoffice.org/56253 Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de> Tested-by: Thorsten Behrens <Thorsten.Behrens@CIB.de> (cherry picked from commit ae00e06b99d66fdf5306e73df8f85397fa0ab7c3)
2019-08-30upload poppler 0.48.0David Tardon3-23/+0
Change-Id: I18c49505f71ab609e5cc0e4db759152c3c1d5825 (cherry picked from commit dc522a114d24ad7c550c072d4f29f50a62260b77) Reviewed-on: https://gerrit.libreoffice.org/56252 Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de> Tested-by: Thorsten Behrens <Thorsten.Behrens@CIB.de> (cherry picked from commit 2543b42096ad1be8d744eb3c9976f30add50bbb7)
2019-08-30external/poppler: Avoid UBSan warning about undefined downcastStephan Bergmann1-0/+218
...of this-ptr of in-construction FormFieldSignature while still in the base FormField ctor, as happens (in the xpdfimport process) during CppunitTest_xmlsecurity_signing: > Form.cc:448:12: runtime error: downcast of address 0x60f000000040 which does not point to an object of type 'FormFieldSignature' > 0x60f000000040: note: object is of type 'FormField' > 03 00 00 6d 50 84 f2 00 00 00 00 00 03 00 00 00 04 00 00 00 00 00 00 00 01 be be be 07 00 00 00 > ^~~~~~~~~~~~~~~~~~~~~~~ > vptr for 'FormField' > #0 0x73d7f4 in FormWidgetSignature::FormWidgetSignature(PDFDoc*, Object*, unsigned int, Ref, FormField*) workdir/UnpackedTarball/poppler/poppler/Form.cc:448:12 > #1 0x741713 in FormField::_createWidget(Object*, Ref) workdir/UnpackedTarball/poppler/poppler/Form.cc:677:34 > #2 0x73e747 in FormField::FormField(PDFDoc*, Object*, Ref const&, FormField*, std::set<int, std::less<int>, std::allocator<int> >*, FormFieldType) workdir/UnpackedTarball/poppler/poppler/Form.cc:547:7 > #3 0x74ec2b in FormFieldSignature::FormFieldSignature(PDFDoc*, Object*, Ref const&, FormField*, std::set<int, std::less<int>, std::allocator<int> >*) workdir/UnpackedTarball/poppler/poppler/Form.cc:1383:5 > #4 0x740d7f in Form::createFieldFromDict(Object*, PDFDoc*, Ref const&, FormField*, std::set<int, std::less<int>, std::allocator<int> >*) workdir/UnpackedTarball/poppler/poppler/Form.cc:1700:19 > #5 0x750727 in Form::Form(PDFDoc*, Object*) workdir/UnpackedTarball/poppler/poppler/Form.cc:1623:33 > #6 0x71d440 in Catalog::getForm() workdir/UnpackedTarball/poppler/poppler/Catalog.cc:1042:18 > #7 0x708572 in Annots::createAnnot(Dict*, Object*) workdir/UnpackedTarball/poppler/poppler/Annot.cc:7218:41 > #8 0x70772b in Annots::Annots(PDFDoc*, int, Object*) workdir/UnpackedTarball/poppler/poppler/Annot.cc:7128:17 > #9 0x87f3e9 in Page::getAnnots(XRef*) workdir/UnpackedTarball/poppler/poppler/Page.cc:405:18 > #10 0x8814b0 in Page::displaySlice(OutputDev*, double, double, int, bool, bool, int, int, int, int, bool, bool (*)(void*), void*, bool (*)(Annot*, void*), void*, bool) workdir/UnpackedTarball/poppler/poppler/Page.cc:611:15 > #11 0x880ff6 in Page::display(OutputDev*, double, double, int, bool, bool, bool, bool (*)(void*), void*, bool (*)(Annot*, void*), void*, bool) workdir/UnpackedTarball/poppler/poppler/Page.cc:521:3 > #12 0x88d906 in PDFDoc::displayPage(OutputDev*, int, double, double, int, bool, bool, bool, bool (*)(void*), void*, bool (*)(Annot*, void*), void*, bool) workdir/UnpackedTarball/poppler/poppler/PDFDoc.cc:491:20 > #13 0x5d59fb in main sdext/source/pdfimport/xpdfwrapper/wrapper_gpl.cxx:142:14 > #14 0x7f11600ea730 in __libc_start_main (/lib64/libc.so.6+0x20730) > #15 0x459388 in _start (instdir/program/xpdfimport+0x459388) Change-Id: Ia808919c8d2363d616feb4664f314a77b40dfbb8 (cherry picked from commit 55013a7776a43bb18b7fb8faa1839369c3383cb7) Reviewed-on: https://gerrit.libreoffice.org/56251 Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de> Tested-by: Thorsten Behrens <Thorsten.Behrens@CIB.de> (cherry picked from commit cd433c539d6f3915462851f5d3f5bc8e5c600a61)
2018-06-01Patch liborcus to avoid incorrect parsing of XML.Kohei Yoshida2-0/+31
Found by Antti Levomäki and Christian Jalio from Forcepoint. This one is not a backport from the master branch. On the master branch the same fix will come from updating liborcus from 0.13.3 to 0.13.4. (cherry picked from commit 160350de5f07024b22fb5a9b596918ccc7f22c75) Conflicts: external/liborcus/UnpackedTarball_liborcus.mk Reviewed-on: https://gerrit.libreoffice.org/50147 Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Markus Mohrhard <markus.mohrhard@googlemail.com> (cherry picked from commit f25bc1254782589af5d24471599260b65558154a) Conflicts: external/liborcus/UnpackedTarball_liborcus.mk Change-Id: I701c5a65ff67d77767913f8d056682b9db549f84
2018-06-01curl: fix CVE-2018-1000005/1000007Michael Stahl3-0/+148
* don't upgrade to new release, no idea how the new windows build system likes targeting Win XP which is still supported in 5.4 Change-Id: I4fbd7f1c5f1f0563895f6f8ede10063621d10a4b Reviewed-on: https://gerrit.libreoffice.org/48542 Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Eike Rathke <erack@redhat.com> (cherry picked from commit ed497921314ebd41fce3483c92ca433b502628ca)
2018-06-01curl: fix CVE-2017-8816Michael Stahl2-0/+68
* don't upgrade to new release, no idea how the new windows build system likes targeting Win XP which is still supported in 5.4 * CVE-2017-8817 doesn't affect LO as CURLOPT_WILDCARDMATCH isn't used * CVE-2017-8818 doesn't affect the old 7.52 version Change-Id: I49ddb771ccdb93d5fe8f4b3544f74ab9b171c156 Reviewed-on: https://gerrit.libreoffice.org/45487 Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Caolán McNamara <caolanm@redhat.com> Tested-by: Caolán McNamara <caolanm@redhat.com> (cherry picked from commit aa0f44de5b260b2b2a39bdd2de9445d72ab14265)
2018-02-11python3: put a RPATH into libpython3.soMichael Stahl4-9/+19
libpython3.so is the "ABI compatible" wrapper library around libpython3.5m.so - it is not actually used by anything in LO right now, but let's ensure it has RPATH $ORIGIN just in case. This revealed that the AIX patch in python3 accidentally changed the SONAME of libpython3.5m.so from upstream's libpython3.5m.so.1.0 on ELF platforms, because the SONAME variable was set in the shell command but read as a make variable in the next line, which is actually evaluated earlier. So rename a few files in packages to use the upstream SONAME. Change-Id: I3611f75eee62b0993b853230521a2fa41ac5cd9c (cherry picked from commit b078e0d638514b298616838fae090b8294bac32f)
2018-02-09new release of Graphite lib: 1.3.9Andras Timar1-5/+5
Reviewed-on: https://gerrit.libreoffice.org/30771 Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Andras Timar <andras.timar@collabora.com> (cherry picked from commit 0220020a620a69eae493070ddd88cc74825400b1) Conflicts: download.lst Change-Id: I4e9a7ebf323848a03e02da3e9ed39377d1df6715
2018-02-09python3: upgrade to release 3.5.4David Ostrovsky3-44/+50
Change-Id: I9300b2ec1e1dcedbcbfe793e1450166af1bf1944 Reviewed-on: https://gerrit.libreoffice.org/40944 Reviewed-by: Michael Stahl <mstahl@redhat.com> Tested-by: Jenkins <ci@libreoffice.org> (cherry picked from commit f0e68d4feaaa43f7450432ad1ebd92c2b572400f) Reviewed-on: https://gerrit.libreoffice.org/41028 (cherry picked from commit f18ea813967c1b35a8977bd193c19857f61f7a8c)